<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh-CN" lang="zh-CN">
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<meta name="viewport" content="width=device-width, initial-scale=1.0">
	<meta name="keywords" content="SecWiki，维基，安全，资讯，专题，导航，RSS聚合，Ｗeb安全，Ｗeb安全，移动平台，二进制安全，恶意分析，网络安全，设备安全，运维技术，编程技术，书籍推荐">
	<title>SecWiki周刊（第137期)</title>
	<link rel="stylesheet" type="text/css" href="https://secwiki.b0.upaiyun.com/css/bootstrap.css"/>
    <link rel="stylesheet" type="text/css" href="https://secwiki.b0.upaiyun.com/css/styles.css" />
    <link rel="stylesheet" type="text/css" href="https://secwiki.b0.upaiyun.com/css/people.css" />
    <link rel="shortcut icon" href="https://secwiki.b0.upaiyun.com/img/favicon.ico">
	<meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <script src="//upcdn.b0.upaiyun.com/libs/jquery/jquery-1.8.3.min.js"></script>
</head>

<body>
<div class="navbar navbar-fixed-top"><div class="navbar-inner"><div class="container"><a class="btn btn-navbar" data-toggle="collapse" data-target="#yii_bootstrap_collapse_0"><span class="icon-bar"></span><span class="icon-bar"></span><span class="icon-bar"></span></a><a href="/index.php" class="brand"><img src="https://secwiki.b0.upaiyun.com/logo.jpg" alt="" /></a><div class="nav-collapse collapse" id="yii_bootstrap_collapse_0"><form class="navbar-search pull-right" action="/news/search">
         <input type="text" class="search-query span2" name="wd" placeholder="SecWiki">
        </form>
    	<ul id="yw0" class="nav"><li><a href="/index.php">首页</a></li><li><a href="/event">新闻</a></li><li><a href="/news">技术</a></li><li><a href="/skill">技能</a></li><li><a href="/topic">专题</a></li><li><a href="/book">书籍</a></li><li><a href="/user/members">成员</a></li><li><a href="/opml/index">聚合</a></li><li><a href="/tougao/create">投稿</a></li></ul></div></div></div></div>
<div class="container" id="page">
			<!-- breadcrumbs -->
	
    <div style="margin-left: 15px;">
	    <div class="row-fluid">
    <div id="content">
            <link rel="stylesheet" type="text/css" href="/css/mweekly.css"/>

<h5><strong>SecWiki周刊（第137期）</strong></h5>
<blockquote> 2016/10/10-2016/10/16</blockquote>
<section id="news">
    <div class="weeklydivide">
      <strong>安全资讯</strong>
    </div><div class="single"><span id="tags">[人物]&nbsp;&nbsp;</span>CNCC 人物专访 谭晓生（上）<br><a target="_blank" href="http://m.leiphone.com/news/201610/nlOvp2QmHI6yOg5e.html%3Ffrom%3Dtimeline%26isappinstalled%3D0%26viewType%3Dweixin">http://m.leiphone.com/news/201610/nlOvp2QmHI6yOg5e.html%3Ffrom%3Dtimeline%26isappinstalled%3D0%26viewType%3Dweixin</a></div><div class="single"><span id="tags">[新闻]&nbsp;&nbsp;</span>&quot;网络空间安全&quot; 重点专项 2017 年度项目申报指南<br><a target="_blank" href="http://www.most.gov.cn/mostinfo/xinxifenlei/fgzc/gfxwj/gfxwj2016/201610/t20161013_128183.htm">http://www.most.gov.cn/mostinfo/xinxifenlei/fgzc/gfxwj/gfxwj2016/201610/t20161013_128183.htm</a></div><div class="single"><span id="tags">[新闻]&nbsp;&nbsp;</span>初见（NSRC公众号开张）<br><a target="_blank" href="http://mp.weixin.qq.com/s%3F__biz%3DMzIxNDI0MDAxNg%3D%3D%26mid%3D2247483656%26idx%3D1%26sn%3Df04e3c199ffc312d875bafc6167d94bd%26chksm%3D97abdf77a0dc5661ff6a95c3a2268041274847c0975a9bd708e5e838eaf957b7be0781ff6b46%26mp">http://mp.weixin.qq.com/s%3F__biz%3DMzIxNDI0MDAxNg%3D%3D%26mid%3D2247483656%26idx%3D1%26sn%3Df04e3c199ffc312d875bafc6167d94bd%26chksm%3D97abdf77a0dc5661ff6a95c3a2268041274847c0975a9bd708e5e838eaf957b7be0781ff6b46%26mp</a></div><div class="single"><span id="tags">[新闻]&nbsp;&nbsp;</span>阿里云安全算法挑战赛英雄榜榜单<br><a target="_blank" href="http:/mp.weixin.qq.com/s%3F__biz%3DMzAwNjM1ODkxNQ%3D%3D%26mid%3D2650886776%26idx%3D1%26sn%3D0ab55457add1828d7ed428c7e354d94a%26chksm%3D80fb6094b78ce982dffd440dcc0fc80adf962604d682a852f030f6d7d6f17f1455a74cd616d8%26mp">http:/mp.weixin.qq.com/s%3F__biz%3DMzAwNjM1ODkxNQ%3D%3D%26mid%3D2650886776%26idx%3D1%26sn%3D0ab55457add1828d7ed428c7e354d94a%26chksm%3D80fb6094b78ce982dffd440dcc0fc80adf962604d682a852f030f6d7d6f17f1455a74cd616d8%26mp</a></div><div class="single"><span id="tags">[事件]&nbsp;&nbsp;</span> CIA Prepping for Possible Cyber Strike Against Russia<br><a target="_blank" href="http://www.nbcnews.com/news/us-news/cia-prepping-possible-cyber-strike-against-russia-n666636">http://www.nbcnews.com/news/us-news/cia-prepping-possible-cyber-strike-against-russia-n666636</a></div><div class="single"><span id="tags">[事件]&nbsp;&nbsp;</span>英国家网络安全中心将正式投入运行<br><a target="_blank" href="http://mp.weixin.qq.com/s%3F__biz%3DMzIwMTU0NDA0MQ%3D%3D%26mid%3D2650104929%26idx%3D4%26sn%3Daf83b99fad75adbd57693df65c73aa74%26chksm%3D8eed9c67b99a1571637ecb4ca7cbc8cf469009d075c0a473a919cef79975ae7214a876399bc4%26mp">http://mp.weixin.qq.com/s%3F__biz%3DMzIwMTU0NDA0MQ%3D%3D%26mid%3D2650104929%26idx%3D4%26sn%3Daf83b99fad75adbd57693df65c73aa74%26chksm%3D8eed9c67b99a1571637ecb4ca7cbc8cf469009d075c0a473a919cef79975ae7214a876399bc4%26mp</a></div><div class="single"><span id="tags">[其它]&nbsp;&nbsp;</span>黑客小说：杀手 （第五章 追踪 上）<br><a target="_blank" href="http://www.jianshu.com/p/63af53d8d5be%3Futm_campaign%3Dhugo%26utm_medium%3Dreader_share%26utm_content%3Dnote%26utm_source%3Dweixin-timeline%26from%3Dtimeline%26isappinstalled%3D0">http://www.jianshu.com/p/63af53d8d5be%3Futm_campaign%3Dhugo%26utm_medium%3Dreader_share%26utm_content%3Dnote%26utm_source%3Dweixin-timeline%26from%3Dtimeline%26isappinstalled%3D0</a></div><div class="single"><span id="tags">[事件]&nbsp;&nbsp;</span>新加坡正式公布国家网络安全策略<br><a target="_blank" href="http://www.freebuf.com/news/116395.html">http://www.freebuf.com/news/116395.html</a></div><div class="single"><span id="tags">[新闻]&nbsp;&nbsp;</span>HackerOne CEO专访：我们正在打造全球最大的安全人才库<br><a target="_blank" href="http://www.freebuf.com/articles/neopoints/116064.html">http://www.freebuf.com/articles/neopoints/116064.html</a></div></section><section id="news">
    <div class="weeklydivide">
      <strong>安全技术</strong>
    </div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>ssh-audit:开源SSH服务器审计工具<br><a target="_blank" href="http://www.mottoin.com/90572.html">http://www.mottoin.com/90572.html</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>BurpSuite中的安全测试插件推荐<br><a target="_blank" href="http://www.mottoin.com/90188.html">http://www.mottoin.com/90188.html</a></div><div class="single"><span id="tags">[编程技术]&nbsp;&nbsp;</span>TcpScanner端口存活性检测<br><a target="_blank" href="http://thief.one/2016/10/14/TcpScanner%E7%AB%AF%E5%8F%A3%E5%AD%98%E6%B4%BB%E6%8E%A2%E6%B5%8B/">http://thief.one/2016/10/14/TcpScanner%E7%AB%AF%E5%8F%A3%E5%AD%98%E6%B4%BB%E6%8E%A2%E6%B5%8B/</a></div><div class="single"><span id="tags">[恶意分析]&nbsp;&nbsp;</span>黑帽SEO之暗链<br><a target="_blank" href="http://thief.one/2016/10/12/%E9%BB%91%E5%B8%BDSEO%E4%B9%8B%E6%9A%97%E9%93%BE/">http://thief.one/2016/10/12/%E9%BB%91%E5%B8%BDSEO%E4%B9%8B%E6%9A%97%E9%93%BE/</a></div><div class="single"><span id="tags">[编程技术]&nbsp;&nbsp;</span>SQLMAP源码分析—第一讲:架构篇<br><a target="_blank" href="http://v.youku.com/v_show/id_XMTc1NDI5NjA0OA==.html?refer=eco-h5-wbtb&amp;tuid=UNTgxMDQzNzI4">http://v.youku.com/v_show/id_XMTc1NDI5NjA0OA==.html?refer=eco-h5-wbtb&amp;tuid=UNTgxMDQzNzI4</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>windows服务器信息收集工具<br><a target="_blank" href="http://thief.one/2016/09/04/windows%E6%9C%8D%E5%8A%A1%E5%99%A8%E4%BF%A1%E6%81%AF%E6%94%B6%E9%9B%86%E5%B7%A5%E5%85%B7/">http://thief.one/2016/09/04/windows%E6%9C%8D%E5%8A%A1%E5%99%A8%E4%BF%A1%E6%81%AF%E6%94%B6%E9%9B%86%E5%B7%A5%E5%85%B7/</a></div><div class="single"><span id="tags">[视频]&nbsp;&nbsp;</span>Black Hat USA 2016 Video<br><a target="_blank" href="https://www.youtube.com/playlist?list=PLbHqJuIbKd_6jPpl9pnXGUmUj8gtlWony">https://www.youtube.com/playlist?list=PLbHqJuIbKd_6jPpl9pnXGUmUj8gtlWony</a></div><div class="single"><span id="tags">[取证分析]&nbsp;&nbsp;</span>基于linux嵌入式固件动态分析-FIRMADYNE<br><a target="_blank" href="http://www.bincker.net/?p=429">http://www.bincker.net/?p=429</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>从甲方的角度谈谈WAF测试方法--part2<br><a target="_blank" href="http://www.lewisec.com/2016/10/10/%E4%BB%8E%E7%94%B2%E6%96%B9%E7%9A%84%E8%A7%92%E5%BA%A6%E8%B0%88%E8%B0%88WAF%E6%B5%8B%E8%AF%95%E6%96%B9%E6%B3%95-part2/">http://www.lewisec.com/2016/10/10/%E4%BB%8E%E7%94%B2%E6%96%B9%E7%9A%84%E8%A7%92%E5%BA%A6%E8%B0%88%E8%B0%88WAF%E6%B5%8B%E8%AF%95%E6%96%B9%E6%B3%95-part2/</a></div><div class="single"><span id="tags">[移动安全]&nbsp;&nbsp;</span>基于御安全APK加固的游戏反外挂方案<br><a target="_blank" href="http://yaq.qq.com/blog/11">http://yaq.qq.com/blog/11</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>解析Mimikatz日志文件<br><a target="_blank" href="http://www.mottoin.com/90550.html">http://www.mottoin.com/90550.html</a></div><div class="single"><span id="tags">[数据挖掘]&nbsp;&nbsp;</span>利用python进行识别相似图片(二)<br><a target="_blank" href="https://segmentfault.com/a/1190000004500523?_ea=630748">https://segmentfault.com/a/1190000004500523?_ea=630748</a></div><div class="single"><span id="tags">[其它]&nbsp;&nbsp;</span>Github just censored my research data<br><a target="_blank" href="http://gwillem.gitlab.io/2016/10/14/github-censored-research-data/">http://gwillem.gitlab.io/2016/10/14/github-censored-research-data/</a></div><div class="single"><span id="tags">[数据挖掘]&nbsp;&nbsp;</span>How to perform real time Text Analytics on Twitter streaming data in SAS ESP<br><a target="_blank" href="http://blogs.sas.com/content/sgf/2016/10/05/how-to-perform-real-time-text-analytics-on-twitter-streaming-data-in-sas-esp/">http://blogs.sas.com/content/sgf/2016/10/05/how-to-perform-real-time-text-analytics-on-twitter-streaming-data-in-sas-esp/</a></div><div class="single"><span id="tags">[数据挖掘]&nbsp;&nbsp;</span>利用python进行识别相似图片(一)<br><a target="_blank" href="https://segmentfault.com/a/1190000004467183">https://segmentfault.com/a/1190000004467183</a></div><div class="single"><span id="tags">[恶意分析]&nbsp;&nbsp;</span>Mirai源码分析报告<br><a target="_blank" href="http://blog.nsfocus.net/mirai-source-analysis-report/">http://blog.nsfocus.net/mirai-source-analysis-report/</a></div><div class="single"><span id="tags">[移动安全]&nbsp;&nbsp;</span>Android安全之WebViewUXSS漏洞<br><a target="_blank" href="http://yaq.qq.com/blog/12">http://yaq.qq.com/blog/12</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>BBQSQL:SQL注入利用工具<br><a target="_blank" href="http://www.mottoin.com/90324.html">http://www.mottoin.com/90324.html</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>PostScript语言安全研究(一)ImageMagick新漏洞分析<br><a target="_blank" href="http://drops.wiki/index.php/2016/10/15/postscript/">http://drops.wiki/index.php/2016/10/15/postscript/</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>如何利用配置错误的SUID获取root权限并提权<br><a target="_blank" href="http://www.mottoin.com/90304.html">http://www.mottoin.com/90304.html</a></div><div class="single"><span id="tags">[恶意分析]&nbsp;&nbsp;</span>打造不被检测的Metasploit WAR<br><a target="_blank" href="http://www.mottoin.com/90302.html">http://www.mottoin.com/90302.html</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>CVE-2016-4977: RCE in Spring Security Oauth漏洞分析<br><a target="_blank" href="http://www.mottoin.com/90527.html">http://www.mottoin.com/90527.html</a></div><div class="single"><span id="tags">[文档]&nbsp;&nbsp;</span>黑产白皮书 DDoS 篇——乌云笼罩下的产业百态<br><a target="_blank" href="http://www.freebuf.com/articles/network/116340.html">http://www.freebuf.com/articles/network/116340.html</a></div><div class="single"><span id="tags">[比赛]&nbsp;&nbsp;</span>2016CCF大数据与计算智能大赛<br><a target="_blank" href="http://www.wid.org.cn/data/science/activity/ccf2016/index.html">http://www.wid.org.cn/data/science/activity/ccf2016/index.html</a></div><div class="single"><span id="tags">[无线安全]&nbsp;&nbsp;</span>【Electronic Warfare Payloads of UAVs】无人机电子战载荷的新发展<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MzAwMDE3MzgxMQ==&amp;mid=2654113135&amp;idx=1&amp;sn=ca97f2f7a1266217308650abac3ce48d&amp;chksm=812adef3b65d57e5dc69ccade33475fccf45ecc3c20ba44a8d8ffaefd3b263203d98a4c3190c&amp;mpshare=1&amp;scene=1&amp;srcid=1016YGQhMu5mAYVzrC4OnUnv#rd">http://mp.weixin.qq.com/s?__biz=MzAwMDE3MzgxMQ==&amp;mid=2654113135&amp;idx=1&amp;sn=ca97f2f7a1266217308650abac3ce48d&amp;chksm=812adef3b65d57e5dc69ccade33475fccf45ecc3c20ba44a8d8ffaefd3b263203d98a4c3190c&amp;mpshare=1&amp;scene=1&amp;srcid=1016YGQhMu5mAYVzrC4OnUnv#rd</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>使用随机用户代理进行WAF测试<br><a target="_blank" href="http://www.mottoin.com/90178.html">http://www.mottoin.com/90178.html</a></div><div class="single"><span id="tags">[编程技术]&nbsp;&nbsp;</span>使用Python实现指定Twitter用户Followers收集<br><a target="_blank" href="http://www.mottoin.com/90327.html">http://www.mottoin.com/90327.html</a></div><div class="single"><span id="tags">[设备安全]&nbsp;&nbsp;</span>2016绿盟科技网络视频监控系统安全报告<br><a target="_blank" href="http://blog.nsfocus.net/wp-content/uploads/2016/10/2016_NSFOCUS_Network_Video_Surveillance_System_Security_Report_1014.pdf">http://blog.nsfocus.net/wp-content/uploads/2016/10/2016_NSFOCUS_Network_Video_Surveillance_System_Security_Report_1014.pdf</a></div><div class="single"><span id="tags">[论文]&nbsp;&nbsp;</span>System Security Circus v2.0<br><a target="_blank" href="http://s3.eurecom.fr/~balzarot/notes/top4/">http://s3.eurecom.fr/~balzarot/notes/top4/</a></div><div class="single"><span id="tags">[恶意分析]&nbsp;&nbsp;</span>黑帽SEO之网页劫持<br><a target="_blank" href="http://thief.one/2016/10/12/%E9%BB%91%E5%B8%BDSEO%E4%B9%8B%E7%BD%91%E9%A1%B5%E5%8A%AB%E6%8C%81/">http://thief.one/2016/10/12/%E9%BB%91%E5%B8%BDSEO%E4%B9%8B%E7%BD%91%E9%A1%B5%E5%8A%AB%E6%8C%81/</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>渗透+风险模型+威胁情报(上)<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MzA3MTEwNDE1NA==&amp;mid=210199950&amp;idx=1&amp;sn=2bd6d480cc06af5e5cdd8891364becf2&amp;mpshare=1&amp;scene=24&amp;srcid=1007KAlFEWPZjxFBr57kmnQN#rd">http://mp.weixin.qq.com/s?__biz=MzA3MTEwNDE1NA==&amp;mid=210199950&amp;idx=1&amp;sn=2bd6d480cc06af5e5cdd8891364becf2&amp;mpshare=1&amp;scene=24&amp;srcid=1007KAlFEWPZjxFBr57kmnQN#rd</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>attackercan/regexp-security-cheatsheet <br><a target="_blank" href="https://github.com/attackercan/regexp-security-cheatsheet">https://github.com/attackercan/regexp-security-cheatsheet</a></div><div class="single"><span id="tags">[编程技术]&nbsp;&nbsp;</span>基于Python的WebServer<br><a target="_blank" href="http://thief.one/2016/09/14/%E5%9F%BA%E4%BA%8EPython%E7%9A%84WebServer/">http://thief.one/2016/09/14/%E5%9F%BA%E4%BA%8EPython%E7%9A%84WebServer/</a></div><div class="single"><span id="tags">[恶意分析]&nbsp;&nbsp;</span>ShinoBOT – Malware Attack Simulator Framework<br><a target="_blank" href="http://www.sectechno.com/shinobot-malware-attack-simulator-framework/">http://www.sectechno.com/shinobot-malware-attack-simulator-framework/</a></div><div class="single"><span id="tags">[其它]&nbsp;&nbsp;</span>起点:如何成为一名黑客?<br><a target="_blank" href="http://suip.cc/d/1--">http://suip.cc/d/1--</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>玩一场漏洞游戏:网易开源Pomelo游戏服务端框架远程命令执行<br><a target="_blank" href="http://www.mottoin.com/90444.html">http://www.mottoin.com/90444.html</a></div><div class="single"><span id="tags">[移动安全]&nbsp;&nbsp;</span>Android安全之Https中间人攻击漏洞<br><a target="_blank" href="http://yaq.qq.com/blog/13">http://yaq.qq.com/blog/13</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>DMA attacking over USB-C and Thunderbolt 3<br><a target="_blank" href="http://blog.frizk.net/2016/10/dma-attacking-over-usb-c-and.html">http://blog.frizk.net/2016/10/dma-attacking-over-usb-c-and.html</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>基于浏览器的指纹识别: 影响和缓解措施<br><a target="_blank" href="http://paper.seebug.org/64/">http://paper.seebug.org/64/</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>从活动目录中Dump NTDS.dit文件<br><a target="_blank" href="http://www.mottoin.com/90278.html">http://www.mottoin.com/90278.html</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>OJ/gobuster: Directory/file &amp; DNS busting tool written in Go <br><a target="_blank" href="https://github.com/OJ/gobuster">https://github.com/OJ/gobuster</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>细数那些鲜为人知的后缀名隐藏技巧 <br><a target="_blank" href="http://www.mottoin.com/90109.html">http://www.mottoin.com/90109.html</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>通过Win10PE SE ISO或WIM实现持久化后门<br><a target="_blank" href="http://www.mottoin.com/90351.html">http://www.mottoin.com/90351.html</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>通过远程资源注入的xss利用分析<br><a target="_blank" href="http://www.mottoin.com/90126.html">http://www.mottoin.com/90126.html</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>逆向智能咖啡机协议实现终端控制<br><a target="_blank" href="http://www.mottoin.com/90168.html">http://www.mottoin.com/90168.html</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>a series tutorial for linux exploit development to newbie<br><a target="_blank" href="https://github.com/hardenedlinux/linux-exploit-development-tutorial">https://github.com/hardenedlinux/linux-exploit-development-tutorial</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>PyCmd 加密隐形木马<br><a target="_blank" href="http://thief.one/2016/09/18/PyCmd-%E5%8A%A0%E5%AF%86%E9%9A%90%E5%BD%A2%E6%9C%A8%E9%A9%AC/">http://thief.one/2016/09/18/PyCmd-%E5%8A%A0%E5%AF%86%E9%9A%90%E5%BD%A2%E6%9C%A8%E9%A9%AC/</a></div><div class="single"><span id="tags">[数据挖掘]&nbsp;&nbsp;</span>Domain Generation Algorithms<br><a target="_blank" href="https://blog.opendns.com/2016/10/10/domain-generation-algorithms-effective/">https://blog.opendns.com/2016/10/10/domain-generation-algorithms-effective/</a></div><div class="single"><span id="tags">[比赛]&nbsp;&nbsp;</span>HITCON 2016 Web 总结<br><a target="_blank" href="http://0x48.pw/2016/10/14/0x24/">http://0x48.pw/2016/10/14/0x24/</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>PHP Code Injection Analysis <br><a target="_blank" href="http://www.mottoin.com/90370.html">http://www.mottoin.com/90370.html</a></div><div class="single"><span id="tags">[比赛]&nbsp;&nbsp;</span>orangetw: Collection of CTF Web challenges<br><a target="_blank" href="https://github.com/orangetw/My-CTF-Web-Challenges">https://github.com/orangetw/My-CTF-Web-Challenges</a></div><div class="single"><span id="tags">[数据挖掘]&nbsp;&nbsp;</span>Teaching Machines Security: Identifying Botnet Panels<br><a target="_blank" href="https://blog.cylance.com/teaching-machines-security-identifying-botnet-panels">https://blog.cylance.com/teaching-machines-security-identifying-botnet-panels</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>Django CSRF 防护绕过漏洞分析<br><a target="_blank" href="https://virusdefender.net/index.php/archives/753/">https://virusdefender.net/index.php/archives/753/</a></div><div class="single"><span id="tags">[编程技术]&nbsp;&nbsp;</span>谈一谈SQLite Load_Extension的妙用<br><a target="_blank" href="http://www.mottoin.com/90266.html">http://www.mottoin.com/90266.html</a></div><div class="single"><span id="tags">[移动安全]&nbsp;&nbsp;</span>spade: APK backdoor embedder<br><a target="_blank" href="https://github.com/suraj-root/spade">https://github.com/suraj-root/spade</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>从老漏洞到新漏洞—iMessage 0day(CVE-2016-1843)挖掘实录 <br><a target="_blank" href="http://blog.knownsec.com/2016/10/imessage-0day_cve-2016-1843/">http://blog.knownsec.com/2016/10/imessage-0day_cve-2016-1843/</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>使用Nginx+uWSGI+Supervisor部署Flask应用<br><a target="_blank" href="http://www.bibodeng.com/?post=190">http://www.bibodeng.com/?post=190</a></div><div class="single"><span id="tags">[杂志]&nbsp;&nbsp;</span>SecWiki周刊(第136期)<br><a target="_blank" href="https://www.sec-wiki.com/weekly/136">https://www.sec-wiki.com/weekly/136</a></div></section>
<section id="news">
        <pre style="margin-top: 15px; margin-bottom: 15px; padding: 6px 10px; max-width: 100%; color: rgb(62, 62, 62); background-color: rgb(255, 255, 255); -webkit-print-color-adjust: exact; border-width: 1px; border-style: solid; border-color: rgb(204, 204, 204); font-size: 13px; line-height: 19px; overflow: auto; border-radius: 3px; box-sizing: border-box !important; word-wrap: break-word !important;"><code class="" style="max-width: 100%; -webkit-print-color-adjust: exact; border-width: initial; border-style: none; border-color: initial; background-color: transparent; border-radius: 3px; box-sizing: border-box !important; word-wrap: break-word !important;">-----微信ID：SecWiki-----
SecWiki，5年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com</code></pre>
    <p style="max-width: 100%; min-height: 1em; color: rgb(62, 62, 62); font-size: 16px; white-space: normal; background-color: rgb(255, 255, 255); box-sizing: border-box !important; word-wrap: break-word !important;"><span style="max-width: 100%; font-size: 14px; box-sizing: border-box !important; word-wrap: break-word !important;">本期原文地址:<span style="max-width: 100%; font-family: Helvetica, arial, sans-serif; box-sizing: border-box !important; word-wrap: break-word !important;">&nbsp;<a href="https://www.sec-wiki.com/weekly/137">SecWiki周刊(第137期)</a></span><br style="max-width: 100%; box-sizing: border-box !important; word-wrap: break-word !important;"></span></p>
</section>
    </div><!-- content -->
</div>
    </div>
</div>

<div id="footer" class="footer">
		<div class="container"  style="margin-top: 5px;">
			<div class="span3">
				<div class="one-third column">
					<h5 class="title">
					<a target="_blank" href="/about/index">最新公告</a>						<span class="line"></span>
					</h5>
					<p>
						<a href='http://www.sec-wiki.com/about/donate'>2016-01-01 打赏功能开通</a><br>
						<a href='http://www.sec-wiki.com/about/join'>2015-01-05 如何加入SecWiki</a><br>
						<a href='http://www.sec-wiki.com/about/submit'>2014-08-08 如何快捷提交资讯</a><br>
						<a href='http://www.sec-wiki.com/about/index'>2012-07-01 关于SecWiki</a><br>
				</div>
			</div>

			<div class="span5">
				<div class="one-third column">
					<h5 class="title">
						<a target="_blank" href="/nav/index">友情链接</a>						<span class="line"></span>
					</h5>
					<p>
						<a href='https://www.secsilo.com/'>安全沙漏</a>&nbsp;
						<a href='http://www.freebuf.com/'>Freebuf</a>&nbsp;
						<a href='http://www.anquanquan.info/'>安全圈</a>&nbsp;
						<a href='http://navisec.it/'>Navisec</a>&nbsp;
                        <a href='http://das.scusec.org'>小黑屋</a>&nbsp;
                        <a href='http://www.polaris-lab.com/'>勾陈Lab</a>
                        <br>
						<a href='http://www.ijiandao.com'>网络尖刀</a>&nbsp;
                        <a href='http://www.shellpub.com/'>ShellPub</a>&nbsp;
                        <a href='http://www.secpulse.com/?secwiki'>SecPulse</a>&nbsp;
                        <a href='https://www.secquan.org/'>圈子</a>
                        <a href='http://bluereader.org/'>深蓝阅读</a>&nbsp;<br>
                        <a href='http://www.bugbank.cn/'>漏洞银行</a>
                        <a href='http://bobao.360.cn/'>安全客</a>
                        <a href='http://www.secfree.com/'>指尖安全</a>
                        <a href='https://www.easyaq.com/'>E安全</a>
                        <a href='http://www.vipread.com/'>安全slide</a>

                        <a href="/link">更多</a>
					</p>
				</div>
			</div>

			<div class="span2">
			    <div class="one-third column">
					<h5 class="title">
					<a target="_blank" href="/about/index">SecWiki公众号</a>						<span class="line"></span>
					</h5>
					<div style="margin-top:15px; width: 90px; height: 90px;">
						<img src="https://secwiki.b0.upaiyun.com/weixin.jpg">
					</div>
				</div>
			</div>

			<div class="span2">
				<div class="one-third column">
					<h5 class="title">
					<a target="_blank" href="/about/donate">安全学术圈</a>					<span class="line"></span>
					</h5>
					<div style="margin-top:15px; width: 90px; height: 90px;">
						<img src="https://secwiki.b0.upaiyun.com/secquan.jpg">
					</div>
				</div>
			</div>

		</div>
		<div class="container" style="margin-top:5px;margin-bottom: 10px;">
			<div class="span9">
					Copyright &copy;
					2019                    琼ICP备16003361号-4
                    SecWiki
					<a href="/news/rss">
						<img src="/img/rss.gif" border="0" width="36px" height="14px" alt="订阅SecWiki">
					</a>
					<a href="https://www.upyun.com/">
						<img src="https://secwiki.b0.upaiyun.com/upyun.png" width="80" border="0" alt="UPYUN">
					</a>
					<a href="http://www.vultr.com/?ref=6885244">
						<img src="https://secwiki.b0.upaiyun.com/vultr.png" width="100" border="0" alt="vultr">
					</a>&nbsp;&nbsp;
			</div>
		</div>
</div><!-- footer -->
<div id="csswithjs">
        <script type="text/javascript">
            var _bdhmProtocol = (("https:" == document.location.protocol) ? " https://" : " http://");
            document.write(unescape("%3Cscript src='" + _bdhmProtocol + "hm.baidu.com/h.js%3Fbad84ea1f314383f8da7949aad5c2199' type='text/javascript'%3E%3C/script%3E"));
    </script>
</div>
<script type="text/javascript" src="https://secwiki.b0.upaiyun.com/js/bs.min.js"></script>
<script type="text/javascript">
/*<![CDATA[*/
jQuery(function($) {
jQuery('[data-toggle=popover]').popover();
jQuery('body').tooltip({"selector":"[data-toggle=tooltip]"});
jQuery('#yii_bootstrap_collapse_0').collapse({'parent':false,'toggle':false});
});
/*]]>*/
</script>
</body>
<!-- page -->
</html>
